A
Healthcare security revealed a contradiction between the confidence that
healthcare professionals have in the visibility of connected medical
devices and security of their networks, and the inefficient and
ineffective legacy processes many still rely on to keep them secure.

The survey included not only IT/IS
professionals, but also clinical and biomedical engineers who play
critical roles in managing and securing connected medical devices.

Unfortunately, their confidence is
not justified. “Most organizations are thinking about antivirus,
endpoint protection and firewalls, but there are many devices — like
medical monitoring equipment — and no one is thinking about securing
them,” said Jon Booth, Bear Valley Community Hospital District IT
director and Zingbox customer. Additionally, as noted in a Gartner
report, Market Trends: Five Healthcare Provider Trends for 2018
published in November 2017 notes: “Generally, medical devices are not
replaced for at least 10 years, with many running old software that has
not been updated or patched.”

And there are other challenges:
the Zingbox survey revealed 41 percent of healthcare IT professionals do
not have a separate or sufficient budget for securing connected devices.

Majority of Clinical and Biomedical Engineers Still Rely on Manual
Processes for IoT Devices

When asked about inventory of
connected medical devices, majority of clinical and biomedical engineers
(85 percent) were confident that they have an accurate inventory of all
connected medical devices even though many rely on manual audits, which
are prone to human error and quickly become outdated. Additional
responses from clinical and biomedical engineers include:

Close to two-thirds (64
percent) of responses indicate reliance on some form of manual
room-to-room audit or use of static database to inventory the
connected devices in their organization

Just 21 percent of responses
say their devices receive preventative maintenance based on device
usage as opposed to some kind of fixed schedule

The
survey also shows that more than half (55 percent) of responses indicate
clinical/biomedical engineers must walk over to the device or call
others to check on their behalf whether a device is in-use before
scheduling repairs. Many make the trip only to find out that the device
is in-use by patients and must try again in the future hoping for better
luck.

“Despite the recent progress of the healthcare industry, the survey
exemplifies the continued disconnect between perception of security and
the actual device protection available from legacy solutions and
processes. Unfortunately, much of the current perception stems from the
use of traditional solutions, processes and general confusion in the
market,” said Xu Zou, CEO and co-founder of Zingbox. “Only by adopting
the latest IoT technology and revisiting decade-old processes, can
healthcare providers be well prepared when the next WannaCry hits.”